diff --git a/policy/modules/services/rpcbind.if b/policy/modules/services/rpcbind.if
index df92a8f6d..a96249cf9 100644
--- a/policy/modules/services/rpcbind.if
+++ b/policy/modules/services/rpcbind.if
@@ -18,6 +18,26 @@ interface(`rpcbind_domtrans',`
domtrans_pattern($1, rpcbind_exec_t, rpcbind_t)
')
+########################################
+##
+## Connect to rpcbindd over an unix stream socket.
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`rpcbind_stream_connect',`
+ gen_require(`
+ type rpcbind_t, rpcbind_var_run_t;
+ ')
+
+ files_search_pids($1)
+ allow $1 rpcbind_var_run_t:sock_file write;
+ allow $1 rpcbind_t:unix_stream_socket connectto;
+')
+
########################################
##
## Read rpcbind PID files.
@@ -97,7 +117,7 @@ interface(`rpcbind_manage_lib_files',`
########################################
##
-## All of the rules required to administrate
+## All of the rules required to administrate
## an rpcbind environment
##
##
diff --git a/policy/modules/services/rpcbind.te b/policy/modules/services/rpcbind.te
index 8e47021a0..b75dd7e85 100644
--- a/policy/modules/services/rpcbind.te
+++ b/policy/modules/services/rpcbind.te
@@ -1,5 +1,5 @@
-policy_module(rpcbind, 1.4.0)
+policy_module(rpcbind, 1.4.1)
########################################
#
@@ -42,6 +42,7 @@ files_var_lib_filetrans(rpcbind_t, rpcbind_var_lib_t, { file dir sock_file })
kernel_read_system_state(rpcbind_t)
kernel_read_network_state(rpcbind_t)
+kernel_request_load_module(rpcbind_t)
corenet_all_recvfrom_unlabeled(rpcbind_t)
corenet_all_recvfrom_netlabel(rpcbind_t)